L'équipe Vigil@nce veille les vulnérabilités publiques qui affectent votre parc informatique, puis propose des correctifs sécurité, une base de données de vigilance et des outils pour y remédier.

Vulnérabilités informatiques de Juniper Junos Space

Intel Processors : obtention d'information via Special Register Buffer Data Sampling
Un attaquant peut contourner les restrictions d'accès aux données via Special Register Buffer Data Sampling de Intel Processors, afin d'obtenir des informations sensibles...
6344075, CERTFR-2020-AVI-351, CERTFR-2020-AVI-352, CERTFR-2020-AVI-353, CERTFR-2020-AVI-356, CERTFR-2020-AVI-368, CERTFR-2020-AVI-376, CERTFR-2020-AVI-547, CTX275165, CVE-2020-0543, DLA-2241-1, DLA-2241-2, DLA-2242-1, DLA-2248-1, DSA-4698-1, DSA-4699-1, DSA-4701-1, FEDORA-2020-11ddbfbdf0, FEDORA-2020-1afbe7ba2d, FEDORA-2020-3364913ace, FEDORA-2020-e47d28bc2b, FEDORA-2020-e49a911382, FEDORA-2020-e8835a5f8e, HPESBHF04001, INTEL-SA-00320, JSA11110, K25920352, openSUSE-SU-2020:0791-1, openSUSE-SU-2020:0801-1, openSUSE-SU-2020:0818-1, openSUSE-SU-2020:0965-1, openSUSE-SU-2020:0985-1, openSUSE-SU-2021:0242-1, RHSA-2020:2431-01, RHSA-2020:2432-01, RHSA-2020:2433-01, RHSA-2020:2677-01, RHSA-2020:2679-01, RHSA-2020:2680-01, RHSA-2020:2706-01, RHSA-2020:2707-01, RHSA-2020:2757-01, RHSA-2020:2758-01, RHSA-2020:2771-01, RHSA-2020:2842-01, SSA:2020-163-01, SSA-534763, SUSE-SU-2020:14393-1, SUSE-SU-2020:14394-1, SUSE-SU-2020:14521-1, SUSE-SU-2020:1599-1, SUSE-SU-2020:1630-1, SUSE-SU-2020:1632-1, SUSE-SU-2020:1633-1, SUSE-SU-2020:1634-1, SUSE-SU-2020:1663-1, SUSE-SU-2020:2156-1, SUSE-SU-2020:2478-1, SUSE-SU-2020:2487-1, SUSE-SU-2020:2822-1, USN-4385-1, USN-4385-2, USN-4387-1, USN-4388-1, USN-4389-1, USN-4390-1, USN-4391-1, USN-4392-1, USN-4393-1, VIGILANCE-VUL-32486, XSA-320
ISC BIND : déni de service via tsig.c
Un attaquant peut provoquer une erreur fatale via tsig.c de ISC BIND, afin de mener un déni de service...
6244244, 6344107, CERTFR-2020-AVI-302, CERTFR-2021-AVI-033, CVE-2020-8617, DLA-2227-1, DSA-4689-1, JSA11091, JSA11110, K05544642, openSUSE-SU-2020:1699-1, openSUSE-SU-2020:1701-1, RHSA-2020:2338-01, RHSA-2020:2344-01, RHSA-2020:2345-01, RHSA-2020:2383-01, RHSA-2020:2404-01, RHSA-2020:2893-01, RHSA-2020:3378-01, RHSA-2020:3379-01, RHSA-2020:3433-01, RHSA-2020:3470-01, RHSA-2020:3471-01, RHSA-2020:3475-01, SSA:2020-140-01, SUSE-SU-2020:14400-1, SUSE-SU-2020:2914-1, USN-4365-1, USN-4365-2, VIGILANCE-VUL-32332
ISC BIND : surcharge via NXNSAttack On Recursive Resolvers
Un attaquant peut provoquer une surcharge via NXNSAttack On Recursive Resolvers de ISC BIND, afin de mener un déni de service...
6244244, 6344107, CERTFR-2020-AVI-302, CERTFR-2021-AVI-033, CVE-2020-8616, DLA-2227-1, DSA-4689-1, JSA11090, JSA11110, K97810133, openSUSE-SU-2020:1699-1, openSUSE-SU-2020:1701-1, RHSA-2020:2338-01, RHSA-2020:2344-01, RHSA-2020:2345-01, RHSA-2020:2383-01, RHSA-2020:2404-01, RHSA-2020:3272-01, RHSA-2020:3378-01, RHSA-2020:3379-01, RHSA-2020:3433-01, RHSA-2020:3470-01, RHSA-2020:3471-01, RHSA-2020:3475-01, SSA:2020-140-01, SUSE-SU-2020:14400-1, SUSE-SU-2020:2914-1, USN-4365-1, USN-4365-2, VIGILANCE-VUL-32300
Noyau Linux : déni de service via CIPSO
Un attaquant peut envoyer des paquets CIPSO malveillants vers une machine Linux, afin de mener un déni de service...
CERTFR-2020-AVI-281, CERTFR-2020-AVI-295, CERTFR-2020-AVI-306, CERTFR-2020-AVI-311, CERTFR-2020-AVI-320, CERTFR-2020-AVI-355, CERTFR-2020-AVI-368, CERTFR-2020-AVI-369, CERTFR-2020-AVI-376, CERTFR-2020-AVI-421, CERTFR-2020-AVI-462, CERTFR-2020-AVI-489, CERTFR-2020-AVI-547, CVE-2020-10711, DLA-2242-1, DSA-4698-1, DSA-4699-1, FEDORA-2020-4336d63533, FEDORA-2020-5a69decc0c, FEDORA-2020-c6b9fff7f8, JSA11110, openSUSE-SU-2020:0801-1, openSUSE-SU-2020:0935-1, openSUSE-SU-2021:0242-1, RHSA-2020:2082-01, RHSA-2020:2085-01, RHSA-2020:2102-01, RHSA-2020:2103-01, RHSA-2020:2104-01, RHSA-2020:2125-01, RHSA-2020:2171-01, RHSA-2020:2199-01, RHSA-2020:2203-01, RHSA-2020:2214-01, RHSA-2020:2242-01, RHSA-2020:2277-01, RHSA-2020:2285-01, RHSA-2020:2289-01, RHSA-2020:2291-01, RHSA-2020:2429-01, RHSA-2020:2519-01, RHSA-2020:2522-01, SSA:2020-163-01, SUSE-SU-2020:1599-1, SUSE-SU-2020:1663-1, SUSE-SU-2020:2027-1, SUSE-SU-2020:2105-1, SUSE-SU-2020:2134-1, SUSE-SU-2020:2152-1, SUSE-SU-2020:2156-1, SUSE-SU-2020:2478-1, SUSE-SU-2020:2487-1, USN-4411-1, USN-4412-1, USN-4413-1, USN-4414-1, USN-4419-1, VIGILANCE-VUL-32240
Oracle Java, OpenJDK : vulnérabilités de avril 2020
Plusieurs vulnérabilités ont été annoncées dans les produits Oracle...
6206850, 6235886, 6247119, 6247141, 6250529, 6369095, 6370579, 6371646, 6382282, 6415639, CERTFR-2020-AVI-217, cpuapr2020, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-2764, CVE-2020-2767, CVE-2020-2773, CVE-2020-2778, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2816, CVE-2020-2830, DLA-2193-1, DSA-2020-130, DSA-2020-135, DSA-2020-151, DSA-2020-160, DSA-2020-198, DSA-4662-1, DSA-4668-1, FEDORA-2020-07aa58121a, FEDORA-2020-21ca991b3b, FEDORA-2020-36298e20f7, FEDORA-2020-372eeb28f3, FEDORA-2020-4578c4a082, FEDORA-2020-5386fe3bbb, FEDORA-2020-73341c894c, FEDORA-2020-755e4213b5, FEDORA-2020-831ec85119, FEDORA-2020-92ed6d99e4, FEDORA-2020-a60ad9d4ec, JSA11110, KB0085480, NTAP-20200416-0004, openSUSE-SU-2020:0757-1, openSUSE-SU-2020:0800-1, openSUSE-SU-2020:0841-1, RHSA-2020:1506-01, RHSA-2020:1507-01, RHSA-2020:1508-01, RHSA-2020:1509-01, RHSA-2020:1512-01, RHSA-2020:1514-01, RHSA-2020:1515-01, RHSA-2020:1516-01, RHSA-2020:1517-01, RHSA-2020:2236-01, RHSA-2020:2237-01, RHSA-2020:2238-01, RHSA-2020:2239-01, RHSA-2020:2241-01, SB10332, SUSE-SU-2020:14398-1, SUSE-SU-2020:1511-2, SUSE-SU-2020:1571-1, SUSE-SU-2020:1683-1, SUSE-SU-2020:1684-1, SUSE-SU-2020:1685-1, SUSE-SU-2020:1686-1, USN-4337-1, VIGILANCE-VUL-32028
Intel Processors : obtention d'information via Cleanup Errors
Un attaquant peut contourner les restrictions d'accès aux données via Cleanup Errors de Intel Processors, afin d'obtenir des informations sensibles...
6344075, CERTFR-2020-AVI-618, CVE-2020-0548, CVE-2020-0549, DLA-2248-1, DSA-4701-1, FEDORA-2020-11ddbfbdf0, FEDORA-2020-e8835a5f8e, HPESBHF03985, INTEL-SA-00329, JSA11110, openSUSE-SU-2020:0791-1, RHSA-2020:2431-01, RHSA-2020:2432-01, RHSA-2020:2433-01, RHSA-2020:2677-01, RHSA-2020:2679-01, RHSA-2020:2680-01, RHSA-2020:2706-01, RHSA-2020:2707-01, RHSA-2020:2757-01, RHSA-2020:2758-01, RHSA-2020:2771-01, RHSA-2020:2842-01, STORM-2019-026, SUSE-SU-2020:14394-1, USN-4385-1, USN-4385-2, VIGILANCE-VUL-31665
ipmitool : buffer overflow via lib/ipmi_fru.c
Un attaquant peut provoquer un buffer overflow via lib/ipmi_fru.c de ipmitool, afin de mener un déni de service, et éventuellement d'exécuter du code...
CVE-2020-5208, DLA-2098-1, JSA11110, openSUSE-SU-2020:0247-1, RHSA-2020:0979-01, RHSA-2020:0981-01, RHSA-2020:0984-01, RHSA-2020:1331-01, RHSA-2020:1486-01, RHSA-2020:2213-01, RHSA-2020:2276-01, RHSA-2020:2284-01, RHSA-2020:2286-01, SUSE-SU-2020:0405-1, SUSE-SU-2020:0617-1, SUSE-SU-2020:0630-1, SUSE-SU-2020:14313-1, VIGILANCE-VUL-31563
QEMU : lecture de mémoire hors plage prévue via snprintf
Un attaquant peut forcer la lecture à une adresse invalide via snprintf() de QEMU, afin de mener un déni de service, ou d'obtenir des informations sensibles...
CVE-2020-8608, DLA-2142-1, DLA-2144-1, DLA-2288-1, DLA-2551-1, DSA-4733-1, JSA11110, openSUSE-SU-2020:0468-1, RHSA-2020:0889-01, RHSA-2020:1208-01, RHSA-2020:1209-01, RHSA-2020:1351-01, RHSA-2020:1352-01, RHSA-2020:1379-01, RHSA-2020:1403-01, RHSA-2020:2773-01, RHSA-2020:2774-01, RHSA-2020:2844-01, RHSA-2020:3040-01, SUSE-SU-2020:14444-1, SUSE-SU-2020:14448-1, SUSE-SU-2020:2141-1, SUSE-SU-2020:2171-1, SUSE-SU-2020:2234-1, SUSE-SU-2020:3880-1, USN-4283-1, USN-4632-1, VIGILANCE-VUL-31540
Sudo : élévation de privilèges via pwfeedback
Un attaquant peut contourner les restrictions via pwfeedback de Sudo, afin d'élever ses privilèges...
CVE-2019-18634, DLA-2094-1, DSA-4614-1, FEDORA-2020-8b563bc5f4, HT210919, JSA11110, openSUSE-SU-2020:0244-1, RHSA-2020:0487-01, RHSA-2020:0509-01, RHSA-2020:0540-01, RHSA-2020:0726-01, SSA:2020-031-01, SUSE-SU-2020:0390-1, SUSE-SU-2020:0406-1, SUSE-SU-2020:0407-1, SUSE-SU-2020:0408-1, SUSE-SU-2020:0409-1, USN-4263-1, USN-4263-2, VIGILANCE-VUL-31480
SLiRP : buffer overflow via tcp_emu
Un attaquant, dans un système invité, peut provoquer un buffer overflow via tcp_emu() de SLiRP, afin de mener un déni de service, et éventuellement d'exécuter du code sur le système hôte...
CVE-2020-7039, DLA-2076-1, DLA-2090-1, DLA-2551-1, DSA-4616-1, JSA11110, openSUSE-SU-2020:0468-1, RHSA-2020:0348-01, RHSA-2020:0775-01, RHSA-2020:0889-01, RHSA-2020:1116-01, RHSA-2020:1150-01, RHSA-2020:1344-01, RHSA-2020:1351-01, RHSA-2020:1352-01, RHSA-2020:1358-01, RHSA-2020:1360-01, USN-4283-1, USN-4632-1, VIGILANCE-VUL-31350
Notre base de données contient d'autres bulletins. Vous pouvez utiliser un essai gratuit pour les consulter.

Consulter les informations sur Juniper Junos Space :